Add unique indexing for username/email

Author: drew-gross

spec/ParseAPI.spec.js

@@ -6,6 +6,10 @@ var DatabaseAdapter = require('../src/DatabaseAdapter');
 var request = require('request');
 const Parse = require("parse/node");
 let Config = require('../src/Config');
+let defaultColumns = require('../src/Controllers/SchemaController').defaultColumns;
+
+const requiredUserFields = { fields: Object.assign({}, defaultColumns._Default, defaultColumns._User) };
+
 
 describe('miscellaneous', function() {
   it('create a GameScore object', function(done) {
@@ -45,17 +49,116 @@ describe('miscellaneous', function() {
     });
   });
 
-  it('fail to create a duplicate username', function(done) {
-    createTestUser(function(data) {
-      createTestUser(function(data) {
-        fail('Should not have been able to save duplicate username.');
-      }, function(error) {
+  fit('fail to create a duplicate username', done => {
+    let numCreated = 0;
+    let numFailed = 0;
+    let p1 = createTestUser();
+    p1.then(user => {
+      numCreated++;
+      expect(numCreated).toEqual(1);
+    })
+    .catch(error => {
+      numFailed++;
+      expect(numFailed).toEqual(1);
+      expect(error.code).toEqual(Parse.Error.USERNAME_TAKEN);
+    });
+    let p2 = createTestUser();
+    p2.then(user => {
+      numCreated++;
+      expect(numCreated).toEqual(1);
+    })
+    .catch(error => {
+      numFailed++;
+      expect(numFailed).toEqual(1);
+      expect(error.code).toEqual(Parse.Error.USERNAME_TAKEN);
+    });
+    Parse.Promise.all([p1, p2])
+    .then(() => {
+      fail('one of the users should not have been created');
+      done();
+    })
+    .catch(done);
+  });
+
+  fit('ensure that if people already have duplicate users, they can still sign up new users', done => {
+    let config = new Config('test');
+    config.database.adapter.createObject('_User', { objectId: 'x', username: 'u' }, requiredUserFields)
+    .then(() => config.database.adapter.createObject('_User', { objectId: 'y', username: 'u' }, requiredUserFields))
+    .then(() => {
+      let user = new Parse.User();
+      user.setPassword('asdf');
+      user.setUsername('zxcv');
+      return user.signUp();
+    })
+    .then(() => {
+      let user = new Parse.User();
+      user.setPassword('asdf');
+      user.setUsername('u');
+      user.signUp()
+      .catch(error => {
         expect(error.code).toEqual(Parse.Error.USERNAME_TAKEN);
         done();
       });
+    })
+    .catch(() => {
+      fail('save should have succeeded');
+      done();
     });
   });
 
+  fit('ensure that email is uniquely indexed', done => {
+    let numCreated = 0;
+    let numFailed = 0;
+
+    let user1 = new Parse.User();
+    user1.setPassword('asdf');
+    user1.setUsername('u1');
+    user1.setEmail('[email protected]');
+    let p1 = user1.signUp();
+    p1.then(user => {
+      numCreated++;
+      expect(numCreated).toEqual(1);
+    })
+    .catch(error => {
+      numFailed++;
+      expect(numFailed).toEqual(1);
+      expect(error.code).toEqual(Parse.Error.EMAIL_TAKEN);
+    });
+
+    let user2 = new Parse.User();
+    user2.setPassword('asdf');
+    user2.setUsername('u2');
+    user2.setEmail('[email protected]');
+    let p2 = user2.signUp();
+    p2.then(user => {
+      numCreated++;
+      expect(numCreated).toEqual(1);
+    })
+    .catch(error => {
+      numFailed++;
+      expect(numFailed).toEqual(1);
+      expect(error.code).toEqual(Parse.Error.EMAIL_TAKEN);
+    });
+    Parse.Promise.all([p1, p2])
+    .then(() => {
+      fail('one of the users should not have been created');
+      done();
+    })
+    .catch(done);
+  });
+
+  it('ensure that if people already have duplicate emails, they can still sign up new users', done => {
+
+  });
+
+  it('ensure you get the right error if you have 2 users with the same email', done => {
+
+  });
+
+  it('ensure that if you try to sign up a user with a unique username and email, but duplicates in some other field that has a uniqueness constraint, you get a regular duplicate value error', done => {
+
+  });
+
   it('succeed in logging in', function(done) {
     createTestUser(function(u) {
       expect(typeof u.id).toEqual('string');

spec/Uniqueness.spec.js

@@ -66,10 +66,6 @@ describe('Uniqueness', function() {
     });
   });
 
-  notWorking('doesnt let you enforce uniqueness on nullable fields', done => {
-    // Coming later, once we have a way to specify that a field is non-nullable
-  });
-
   it('can do compound uniqueness', done => {
     let config = new Config('test');
     config.database.adapter.ensureUniqueness('CompoundUnique', ['k1', 'k2'], { fields: { k1: { type: 'String' }, k2: { type: 'String' } } })
@@ -102,4 +98,12 @@ describe('Uniqueness', function() {
       done();
     });
   });
+
+  it('adding a unique index to an existing field works even if it has nulls', done => {
+
+  });
+
+  it('adding a unique index to an existing field doesnt prevent you from adding new documents with nulls', done => {
+
+  });
 });

src/RestWrite.js

@@ -14,6 +14,8 @@ var triggers = require('./triggers');
 import RestQuery from './RestQuery';
 import _         from 'lodash';
 
+const requiredUserFields = { fields: { ...SchemaController.defaultColumns._Default, ...SchemaController.defaultColumns._User } };
+
 // query and data are both provided in REST API format. So data
 // types are encoded by plain old objects.
 // If query is null, this is a "create" and the data in data should be
@@ -356,44 +358,60 @@ RestWrite.prototype.transformUser = function() {
       }
       return;
     }
-    return this.config.database.find(
-      this.className, {
-        username: this.data.username,
-        objectId: {'$ne': this.objectId()}
-      }, {limit: 1}).then((results) => {
-        if (results.length > 0) {
-          throw new Parse.Error(Parse.Error.USERNAME_TAKEN,
-                                'Account already exists for this username');
-        }
-        return Promise.resolve();
-      });
+    // TODO: refactor this so that ensureUniqueness isn't called for every single sign up.
+    return this.config.database.adapter.ensureUniqueness('_User', ['username'], requiredUserFields)
+    .catch(error => {
+      if (error.code === Parse.Error.DUPLICATE_VALUE) {
+        // If they already have duplicate usernames or emails, the ensureUniqueness will fail,
+        // and then nobody will be able to sign up D: so just use the old, janky
+        // method to check for duplicate usernames.
+        return this.config.database.find(
+          this.className,
+          { username: this.data.username, objectId: {'$ne': this.objectId()} },
+          { limit: 1 }
+        )
+        .then(results => {
+          if (results.length > 0) {
+            throw new Parse.Error(Parse.Error.USERNAME_TAKEN, 'Account already exists for this username.');
+          }
+          return;
+        });
+      }
+      throw error;
+    })
   }).then(() => {
     if (!this.data.email || this.data.email.__op === 'Delete') {
       return;
     }
     // Validate basic email address format
     if (!this.data.email.match(/^.+@.+$/)) {
-      throw new Parse.Error(Parse.Error.INVALID_EMAIL_ADDRESS,
-                            'Email address format is invalid.');
+      throw new Parse.Error(Parse.Error.INVALID_EMAIL_ADDRESS, 'Email address format is invalid.');
     }
     // Check for email uniqueness
-    return this.config.database.find(
-      this.className, {
-        email: this.data.email,
-        objectId: {'$ne': this.objectId()}
-      }, {limit: 1}).then((results) => {
-        if (results.length > 0) {
-          throw new Parse.Error(Parse.Error.EMAIL_TAKEN,
-                                'Account already exists for this email ' +
-                                'address');
-        }
-        return Promise.resolve();
-      }).then(() => {
-        // We updated the email, send a new validation
-        this.storage['sendVerificationEmail'] = true;
-        this.config.userController.setEmailVerifyToken(this.data);
-        return Promise.resolve();
-      })
+    return this.config.database.adapter.ensureUniqueness('_User', ['email'], requiredUserFields)
+    .catch(error => {
+      // Same problem for email as above for username
+      if (error.code === Parse.Error.DUPLICATE_VALUE) {
+        return this.config.database.find(
+          this.className,
+          { email: this.data.email, objectId: {'$ne': this.objectId()} },
+          { limit: 1 }
+        )
+        .then(results => {
+          if (results.length > 0) {
+            throw new Parse.Error(Parse.Error.EMAIL_TAKEN, 'Account already exists for this email address.');
+          }
+          return;
+        });
+      }
+      throw error;
+    })
+    .then(() => {
+      // We updated the email, send a new validation
+      this.storage['sendVerificationEmail'] = true;
+      this.config.userController.setEmailVerifyToken(this.data);
+      return;
+    })
   });
 };
 
@@ -762,6 +780,36 @@ RestWrite.prototype.runDatabaseOperation = function() {
 
     // Run a create
     return this.config.database.create(this.className, this.data, this.runOptions)
+    .catch(error => {
+      if (this.className !== '_User' || error.code !== Parse.Error.DUPLICATE_VALUE) {
+        throw error;
+      }
+      // If this was a failed user creation due to username or email already taken, we need to
+      // check whether it was username or email and return the appropriate error.
+
+      // TODO: See if we can later do this without additional queries by using named indexes.
+      return this.config.database.find(
+        this.className,
+        { username: this.data.username, objectId: {'$ne': this.objectId()} },
+        { limit: 1 }
+      )
+      .then(results => {
+        if (results.length > 0) {
+          throw new Parse.Error(Parse.Error.USERNAME_TAKEN, 'Account already exists for this username.');
+        }
+        return this.config.database.find(
+          this.className,
+          { email: this.data.email, objectId: {'$ne': this.objectId()} },
+          { limit: 1 }
+        );
+      })
+      .then(results => {
+        if (results.length > 0) {
+          throw new Parse.Error(Parse.Error.EMAIL_TAKEN, 'Account already exists for this email address.');
+        }
+        throw error;
+      });
+    })
     .then(response => {
       response.objectId = this.data.objectId;
       response.createdAt = this.data.createdAt;